Three Chinese citizens have been charged by a US court with hacking attacks on international corporations. The hackers had targeted Moody’s Analytics, Siemens and GPS maker Trimble, the indictment says. They are alleged to have used email phishing scams and malware to try to steal business secrets. The three are not in custody and it is not clear if they are still in China. Chris Doman, Security Researcher at AlienVault, commented below.
Chris Doman, Security Researcher at AlienVault:
“It’s not a surprise this indictment comes from the FBI’s Pittsburgh office – they have been very aggressive at going after cyber criminals.
Much of the activity within the indictment dates back some time, and the group known as APT3 were outed earlier this year by independent researchers as Boyusec. There were reports last year that much of their activity had moved to focus on domestic targeting against residents of Hong Kong recently. Historically, they targeted a number of western defence contractors and aerospace companies.
There were a number of attacks against Western companies by APT3 the month before the US-China cyber agreement to limit espionage. However, they tailed off afterwards. There was activity after the agreement targeting the West but from my viewpoint it was very limited.
The last activity I’ve seen was targeting Hong Kong in February 2017, a couple of months before they were outed.
It’s possible that they have continued attacks against the West but it’s likely that the FBI are indicating they will go after people for historical activity regardless of location.
This is a bit of a different situation to when members of APT1 were indicted. They were members of the Chinese army, whereas Boyusec are likely contractors.”